The Verizon 2016 Data Breach Investigations Report details findings pulled from a sampling of more than 100,000 incidents and 2,260 data breaches. The 85-page report is certainly worth a read for anyone interested in information security. For those in a hurry, here are a few of the key points I saw:
In light of the increased pressure created by Chinese espionage indictments and other high visibility breaches, enterprises might be tempted to invest in so-called cutting edge technologies. When news stories put a spotlight on cybersecurity, technology companies jump at the opportunity to tout their latest and greatest cure-all solutions. Anti-malware, AV, IPS don’t have magical abilities to stop every attack or plug every vulnerable gap.
Since the 2014 Verizon Data Breach Investigations Report was released last week, you’ve likely been flooded with stats and findings from the report. The report does contain a vast array of fascinating data for even the most casual in the cyber security field – from pondering the renaissance of RAM scraping during the ‘year of the retailer breach’ to debating the ebb and flow of trends in criminal motivation such as financial gain and ideology. However, the most significant development I observed in this year’s report was a change in the report itself.
The Verizon Data Breach Investigations Report 2013 clearly demonstrated that small and midsize businesses are as susceptible to advanced threats as large enterprises. The report indicated that SMBs are targets of espionage and financial fraud. Small businesses are often times the creators and innovators of valuable intellectual property (IP) and its incredibly important that SMBs be extremely concerned about protecting their business from espionage, advanced threats and cyber attacks. The impact of a data breach on SMBs can be downright devastiving.
According the recently released annual Verizon Data Breach Investigations Report (DBIR), 8 percent of breaches are discovered by the victim organization. Shouldn’t this stat be incredibly higher? As soon as a breach occurs, shouldn’t an organization be right on top of it? As ComptuerWeekly.com’s UK Bureau Chief Ron Condon writes in a recent article, “[This latest statistic is] an indicator of missed opportunities to more promptly and thoroughly analyze log data to identify malicious activity on their networks.”
We have talked a lot about the need for unified situational awareness lately, but did you ever stop to think about the implications of why you may need this level of security or who and what may be at risk?